Top Cybersecurity trends for 2020
posted: March 9th 2020
In the last few years, we have noticed a rise in the number of industrial cyberattacks despite a significant investment in security. As there has been a recent increasing desire for greater automation as well as the operational benefits of latest technologies such as IOT and AI, the attack surface has been greater.
New EU laws such as NIS, and more active national regulators alongside high profile incidents, have urged the industry to be more aware and do more.
According to latest trends, there are major changes ahead in industrial cybersecurity strategies. Our cybersecurity solution partner, Radiflow, predicted the upcoming trends in OT security.
You can learn more about the major changes here:
Process manufacturing will become the fastest growing segment for OT security adaption.
Based on the last 12-month industry research, alongside the central government sector, utilities and manufacturing will spend the most on cybersecurity (at 7.8% CAGR between 2017 and 2022).
Due to globalization and geopolitical instability, major incidents are expected to occur in neutral locations.
Multinationals, subsidiaries and partner networks operating in geopolitically sensitive countries and regions are at higher risk of cyberattack. The activities of these companies in sensitive countries may expose and risk their entire network, including sites located in areas that are not the immediate target of attackers. Radiflow highlights that a lack of inter-site segregation leads to higher vulnerability.
Increasing demand for OT cybersecurity constrained by a human resource limitation will boost MSSP adoption.
There is a deficit in cybersecurity experts with the skill set of an “industrial” infosec team spanning the world of IT and Scada. This trend will lead to an increased adaptation of managed security services and outsourcing, which has even started in broad IT, and industrial security is also picking it up.
Radiflow prediction says that the process will rapidly speed up in the next year, especially noticing that tier-2 industrial enterprises are starting to double down on cybersecurity compliance.
Value-added functionality will help companies justify their investment in ICS Security Solutions.
As enterprises realise the need for OT cybersecurity to reduce their exposure to potential attacks, it should also be vital to obtain value-added features to justify the new investment. Therefore, alongside OT security, the same system should monitor the operational health of devices for inventory purposes, and provide key metrics for system availability, maintenance and capacity planning.
A business-driven, risk-orientated cybersecurity strategy is a core requirement for enterprises to effectively combat cyberattacks.
In the case of those industrial organisations where the systems are over a decade old, during the process of strengthening the cybersecurity systems, vulnerabilities and weaknesses may be revealed.
Business-driven, risk-oriented systems must be at the core of any OT security strategy and must move away from the current industrial cybersecurity approach, which is mainly focused on visibility, hygiene and threat monitoring. To handle the events and recommendations effectively, risk-oriented prioritisation of threats, vulnerabilities and mitigation measures must be provided. Without that approach, the infosec team will waste time and resources fixing problems that do not have much impact on critical systems. Meanwhile, the dangerous vulnerabilities will remain.
Taking into consideration that ICS CERT will usually add between 100-150 new entries each quarter that are relevant to ICS/SCADA environments, categorising the risk of systemic risks must be the most crucial consideration for every enterprise in 2020. ITS, in collaboration with Radiflow, offers highly trusted Industrial Cybersecurity Solutions for critical business operations. Click here and learn more about our game changing industrial cybersecurity technologies.